i-on platform is fully hosted in AWS data centers the United States of America

AWS datacenter redundancy

Power

AWS data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day

AWS ensures data centers are equipped with back-up power supply to ensure power is available to maintain operations in the event of an electrical failure for critical and essential loads in the facility

Climate and Temperature

AWS data centers use mechanisms to control climate and maintain an appropriate operating temperature for servers and other hardware to prevent overheating and reduce the possibility of service outages

Personnel and systems monitor and control temperature and humidity at appropriate levels

In order to detect the presence of water leaks, AWS equips data centers with functionality to detect the presence of water

If water is detected, mechanisms are in place to remove water in order to prevent any additional water damage

AWS network redundancy

i-on interactive platform is logically isolated at the network level in AWS into an Amazon Virtual Private Cloud where we can launch AWS resources in a virtual network that we define. i-on interactive has complete control over our virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.

AWS has identified critical system components required to maintain the availability of the system and recover service in the event of outage. Critical system components are backed up across multiple, isolated locations known as Availability Zones. Each Availability Zone runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. Availability Zones are connected to each other with fast, private fiber-optic networking, enabling you to easily architect applications that automatically fail-over between Availability Zones without interruption.

AWS Elastic Load Balancers are used to automatically distributes incoming application traffic across multiple Amazon EC2 instances in the cloud. This allows us to achieve greater levels of fault tolerance in the i-on platform, seamlessly providing the required amount of load balancing capacity needed to distribute application traffic.

AWS CloudWatch allows us to collects monitoring and operational data in the form of logs, metrics, and events, providing i-on Support and Engineering teams with a unified view of AWS resources, applications and services. CloudWatch is natively integrated with more than 70 AWS services and is integrated into our extended platform monitoring solution (including New Relic and PagerDuty). CloudWatch is leveraged to set high resolution alarms, visualize logs and metrics side by side, take automated actions, troubleshoot issues, and discover insights to optimize the i-on platform, and ensure they are running smoothly.

Firewalls, routers, switches and internet backbone connections are all maintained with redundancy and high availability on a 24/7/52 basis by AWS

Redundant power to all infrastructure routers and switches, as well as the data centers themselves

Network and server security

Databases logically segregated into a private network data tier that is not accessible from the internet, with ingress and egress traffic restricted by AWS Security Groups

Network and system monitoring provided by AWS CloudWatch Alarms, New Relic application and infrastructure monitoring, SumoLogic centralized log aggregation (with logs encrypted using AES-256 during transport and at rest), and incident alerting and triage using PagerDuty

Access to ion interactive servers restricted to only an approved subset of ion interactive’s engineering team via secure VPN connections

All system administrator access to ion interactive servers logged to an audit trail

Anti-Virus Protection is used to scan servers for viruses and infected files are automatically quarantined

Server/application reliability

Dedicated fallback service paired with AWS Internet Gateways, AWS firewall-equivalent Security Groups and AWS Elastic Load Balancers provides seamless HTTP/HTTPS redirects to customer-specific URL in the instance of an interruption to the ion service

Databases deployed on AWS RDS Managed Services helps to reduce operational overhead and risk by automating common activities such as change requests, monitoring, patch management, security, and backup services, and provides full-lifecycle services to provision, run, and support the infrastructure

Immediate alerts to Support teams and automated escalation to Engineering teams in the instance of any such fallback

AWS Enterprise Support team and specialized support teams for network, hardware, managed services and general troubleshooting are standing by 24/7/52 for immediate detection and resolution of any such AWS infrastructure failures

ion interactive “sentry” service on each server automatically notifies the ion interactive engineering team in the event of system-level anomalies